The past two years have brought a lot of new computer-security deployments at CERN: 2-factor authentication, new spam filtering, email quarantining, anti-spoofing protection, 2FA protection for LXPLUS and the CERN Windows Terminal Servers, among others

The past two years have brought a lot of new computer-security deployments at CERN. Some of these were not the most user-friendly for the CERN community, as this is not in the inherent nature of “security”, but we tried our best

Following the successful deployment of two-factor authentication (2FA) to more than 42 000 CERN accounts, one final step to ensure full compliance with the recommendations of the 2023 audit on CERN’s cybersecurity remains

We’ve seen in the past two Bulletins that control system cybersecurity is the black sheep of IT, a hard-to-change tanker’s course. Still, with significant daily damage of 250 000 USD for ALMA, the costs of falling to a cyberattack can no longer be ignored

While eagerly expected by experts, the first dominant incident on control systems reported by the media was the Stuxnet attack of 2010 against the Iranian nuclear programme allegedly conducted by some secret services

20 years ago, control systems used to be stand-alone systems, usually decoupled from the larger enterprise networks, using their own network cabling infrastructures and programming languages dedicated to control systems. But no more…

The Computer Security Office is planning to improve the security posture of CERN's web presence, making it a bit more beautiful than before

“ClickFixing”, or the art of luring you into executing a very simple string of copy/paste-like tasks to install malware on your computer

The main ways to get your computer infected these days are clicking on the wrong link, accessing the wrong website and/or installing the wrong software...

To make your life easier, the Computer Security Office has compiled four shortlists of “Security Principles”

Unsolicited marketing and fraudulent calls are unfortunately very common nowadays. Although total protection is impossible, the CERN Telephony Service has implemented several mechanisms to reduce such annoying calls to all CERN telephone numbers

Here are some examples of the Internet of Damn Insecure Stupid Things that were deployed (or intended to be) at CERN. Be prepared to shake your head